Purpose of the Job:
• Assist the Director, Internal Audit Department in performing and executing the Company’s internal audit plan, and take a lead role in the day-to-day execution of internal audits;
• Contribute to the Internal Audit (IA) function by identifying risks associated with business objectives and evaluating the controls in place to mitigate those risks in order to improve the effectiveness of risk management, control, and governance processes;
• Provide value-added advice, recommendation and support to management on the creation or modification of policies, procedures, processes, products or services to ensure an appropriate level of internal control and compliance is maintained.
• Responsible for analyzing and assessing a company's technological infrastructure;
• Provision of the recommendations for protection of the Company’s internal controls and data;
• Reviewing the system the network structure and providing recommendations for creating strategies for preventing security breaches;
• Have an analytical mind in IT systems, applications and infrastructure;
• Review the IT related procurements and share results with the manager.
• Understanding of cybersecurity threats;
• Examine internal IT controls, evaluate the design and operational effectiveness, determine exposure to risk, and develop remediation strategies.
• Troubleshoot security and network problems.
• Respond to all system and/or network security breaches.
• Plan, implement, monitor, and upgrade security measures for the protection of the organization’s data, systems, and networks.
• Participate in the change management process.
• Test and identify network and system vulnerabilities, and create counteractive strategies to protect the network. Conduct efficient and effective IT audit procedures. Communicate complex technical issues in simplified terms to the relevant staff.
• Perform regular audit testing and provide recommendations. Review, evaluate, and test application controls.
• Provide recommendations and guidance on identified security and control risks.
• Develop a strong understanding of business and system processes.
• Assist in the preparation of a concise and informative audit report to effectively communicate the findings and recommendations to IA Director;
• Conduct investigations of suspected internal fraud.
Knowledge, Experience and Skills Required:
• Master’s degree in relevant discipline (information technology/computer information systems or related) required;
• Certified Information Systems Auditor (CISA) is preferred;
• Minimum 2 years experience as an IT auditor strongly preferred;
• Specialized skills in Telecommunications Network/ IT auditing and information systems;
• Solid knowledge of auditing processes and methodologies, including flow-charting;
• Experience with firewalls (functionality and maintenance), Office 365 Security, VSX, and Endpoint Security;
• Financial and IT application experience (SAP, QAD, MFGPro, Peoplesoft, and Hyperion);
• Expert in Firewalls, VPN, Data Loss Prevention, IDS/IPS, Web- Proxy, and Security Audits.
• Clear understanding of IT audit methodologies.
• Solid understanding of risk and control concepts. Ability to apply these concepts to evaluate the adequacy and effectiveness of business processes and controls to mitigate risk to tolerance levels defined by Audit Committee;
• Working knowledge of professional IIA performance standards with regarding to planning, testing, sampling and documentation;
• Well-developed technical skills in SAP and Microsoft Office;
• Prior management and direct supervisory experience in a team environment required;
• Ability to work under pressure in a fast-paced environment.
• Strong attention to detail with an analytical mind and outstanding problem-solving skills.
• Great awareness of cybersecurity trends and hacking techniques
• Ability to travel as necessary to meet audit needs;
• Ability to work well in a team-oriented environment as well as independently;
• Professional linguistic skills (Azeri, English - fluent, Russian- preffered.
• Self-Leadership - Exercise Professional Judgement
• Integrity - Provide Professional Communication